Cisco Prime Access Registrar 7.3 Release Notes

Available Languages

Download Options

  • PDF     (574.8 KB)
    View with Adobe Reader on a variety of devices
Updated:March 30, 2020

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Table of Contents

Cisco Prime Access Registrar 7.3 Release Notes

Contents

System Requirements

Co-Existence With Other Network Management Applications

New and Enhanced Features in Cisco Prime Access Registrar 7.3

Support for Decrypting Encrypted-IMSI for EAP-SIM, EAP-AKA, and EAP-AKA’ Services

OCI Connection Management Enhancements

SNMP Traps for Replication

Cisco Prime Access Registrar 7.3 Bugs

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.11

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.10

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.9

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.8

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.7

Fixed Anomalies in Cisco Prime Access Registrar7.3.0.5

Fixed Anomalies in Cisco Prime Access Registrar7.3.0.4

Fixed Anomalies in Cisco Prime Access Registrar7.3.0.3

Fixed Anomalies in Cisco Prime Access Registrar7.3.0.2

Using the Bug Search Tool

Related Documentation

Cisco Prime Access Registrar 7.3
Release Notes

Cisco Prime Access Registrar (Prime Access Registrar) is a high performance, carrier class, 3GPP-compliant, 64-bit RADIUS/Diameter solution that provides scalable, flexible, intelligent authentication, authorization, and accounting (AAA) services.

Prime Access Registrar comprises a RADIUS/Diameter server designed from the ground up for performance, scalability, and extensibility for deployment in complex service provider environments including integration with external data stores and systems. Session and resource management tools track user sessions and allocate dynamic resources to support new subscriber service introductions.

note.gif

Noteblank.gif Prime Access Registrar can be used with Red Hat Enterprise Linux (RHEL) 6.6/7.0/7.2 and CentOS 6.5 64-bit operating systems using kernel and Glibc.

note.gif

Noteblank.gif For Prime Access Registrar release 7.3.0.6 and above, RHEL version 6.6 and above and CentOS 6.5 are supported.

Contents

This release note contains the following sections:

System Requirements

This section describes the system requirements to install and use the Prime Access Registrar software.

Table 1 lists the system requirements for Prime Access Registrar 7.3.

 

Table 1 Minimum Hardware and Software Requirements for Prime Access Registrar Server

OS version

RHEL 6.6/7.0/7.2

CentOS 6.5

Note For Prime Access Registrar release 7.3.0.6 and above, RHEL version 6.6 and above and CentOS 6.5 are supported.

Model

X86

CPU type

Intel Xeon CPU 2.30 GHz

CPU Number

8

CPU speed

2.30 GHz

Memory (RAM)

8 GB

Swap space

10 GB

Disk space

1*146 GB

No: of Virtual Sockets

4

No: of Cores per Socket

2

Prime Access Registrar supports JDK versions 1.7 and 1.8 from release 7.3 onwards. Also, Apache Tomcat version has been upgraded to 8.5.16.

Co-Existence With Other Network Management Applications

To achieve optimal performance, Prime Access Registrar should be the only application running on a given server. In certain cases, when you choose to run collaborative applications such as a SNMP agent, you must configure Prime Access Registrar to avoid UDP port conflicts. The most common conflicts occur when other applications also use ports 2785 and 2786. For more information on SNMP configuration, see the “Configuring SNMP” section in the “Configuring Cisco Prime Access Registrar” chapter of the Cisco Prime Access Registrar 7.3 Administrator Guide.

New and Enhanced Features in Cisco Prime Access Registrar 7.3

Cisco Prime Access Registrar 7.3 provides the following features:

Support for Decrypting Encrypted-IMSI for EAP-SIM, EAP-AKA, and EAP-AKA’ Services

Prime Access Registrar supports configuring private keys for decrypting an encrypted-IMSI received from the EAP-client. You can configure the private keys under /Radius/Advanced/Keystores/ EncryptedIMSI-PrivateKeys/keys for EAP-AKA, EAP-AKA’, and EAP-SIM services.

The GUI, CLI, and API are updated with new fields/options to support this functionality.

For more details, refer to the “Extensible Authentication Protocols” chapter of the Cisco Prime Access Registrar 7.3 User Guide.

OCI Connection Management Enhancements

Enhancements have been made to the Oracle Call Interface (OCI) and OCI-accounting remote server configurations.

Any single connection from Prime Access Registrar to Oracle server will be disconnected when one of the following is observed:

  • Occurrence of native Oracle errors that are configured under AdditionalNativeOracleErrors.
  • Continuous query timeouts (configured). This is configured using the OCITimeOutCount parameter.

This single connection disconnect will not impact the other active connections to that remote server. Hence, this will hold the state of the remote server in Prime Access Registrar as active.

Once a connection disconnects, it will attempt to reconnect after a reactivation time interval. You can configure this interval with the OCIConnectionReactivationInterval parameter.

Any Oracle server that Prime Access Registrar connects to will be marked as down during one of the following circumstances:

  • Total number of disconnections reaches a threshold value. You can configure this threshold value using the OCIActiveConnectionThresholdCount parameter.
  • Configured application times out—timeout in server/queue reaches the configured timeout (timeout count X number of connections).
  • When the remote server starts or reactivates, no active connections are available even after waiting for the configured initial timeout.

In all the above cases, the Prime Access Registrar will attempt to re-establish the remote server connection after reactivation timer expires.

The GUI and CLI are updated with these new parameters to support this functionality. For more details, refer to the “Using Open Database Connectivity” chapter of the Cisco Prime Access Registrar 7.3 User Guide.

SNMP Traps for Replication

Prime Access Registrar supports the following SNMP traps for replication:

  • carReplicationSyncFailure—Notifies that there is a synchronization failure in Prime Access Registrar replication. This notification is triggered when there is a failure in sync message exchanges or upon out-of-sync configuration detection.
  • carReplicationSuccess—Notifies that replication synchronization, which was previously in a down state is now resolved.

For more information, refer to the “Using SNMP” chapter of the Cisco Prime Access Registrar 7.3 User Guide.

Cisco Prime Access Registrar 7.3 Bugs

For more information on a specific bug or to search all bugs in a particular Prime Access Registrar release, see Using the Bug Search Tool.

This section contains the following information:

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.11

Table 2 lists the anomalies fixed in Prime Access Registrar 7.3.0.11 release.

 

Table 2 Fixed Anomalies in Prime Access Registrar 7.3.0.11
Bug
Description

CSCvu27144

When EnableLocationCapability is enabled, radius memory increases.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.10

Table 3 lists the anomalies fixed in Prime Access Registrar 7.3.0.10 release.

 

Table 3 Fixed Anomalies in Prime Access Registrar 7.3.0.10
Bug
Description

CSCvt27777

Evaluation of cnsar for Apache Tomcat Ghostcat vulnerability.

PSIRT Evaluation

The Cisco PSIRT has evaluated this issue and does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels.

If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.9

Table 4 lists the anomalies fixed in Prime Access Registrar 7.3.0.9 release.

 

Table 4 Fixed Anomalies in Prime Access Registrar 7.3.0.9
Bug
Description

CSCvo82754

Agent Server stopped working during Nessus vulnerability scanner.

PSIRT Evaluation

The Cisco PSIRT has evaluated this issue and does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels.

If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

CSCvp48999

Prime Access Registrar is not trying to reconnect to Oracle DB when all the OCI requests are timed out.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.8

Table 5 lists the anomaly fixed in Prime Access Registrar 7.3.0.8 release.

 

Table 5 Fixed Anomaly in Prime Access Registrar 7.3.0.8
Bug
Description

CSCvo33456

Prime Access Registrar restarts and generates core during Device-Watchdog-Request (DWR) trigger to remote server.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.7

Table 6 lists the anomalies fixed in Prime Access Registrar 7.3.0.7 release.

 

Table 6 Fixed Anomalies in Prime Access Registrar 7.3.0.7
Bug
Description

CSCvo00331

Prime Access Registrar does not reset the retry counter of DWR when a Device-Watchdog-Answer (DWA) is received for the next retry.

CSCvm63445

Prime Access Registrar restarts when a timeout occurs for Disconnect-Peer-Request (DPR) after all the specified DWR retries.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.5

Table 7 lists the anomaly fixed in Prime Access Registrar 7.3.0.5 release.

 

Table 7 Fixed Anomaly in Prime Access Registrar 7.3.0.5
Bug
Description

CSCvm00965

GUI/REST stops working while attempting to log into the interfaces in parallel.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.4

Table 8 lists the anomalies fixed in Prime Access Registrar 7.3.0.4 release.

 

Table 8 Fixed Anomalies in Prime Access Registrar 7.3.0.4

Bug
Description

CSCvg75809

Traffic throttling for Diameter Routing Agent (DRA).

CSCvh59297

Prime Access Registrar stops working during Oracle DB outage or Transparent Network Substrate (TNS) listener interface outage.

CSCvj13473

Wrong scripting point is called when handling multiple requests from different clients.

CSCvj62095

Packet leak occurs if HSS sends Error-Codes in Experimental-Result-Code for s6b's Server-Assignment-Answer (SAA).

CSCvj93432

Memory leak observed in the Encrypted IMSI flow.

CSCvj93433

Memory leak observed in EAP-AKA synchronization failure flow.

CSCvj95564

Memory leak is observed during s6b flow with query service.

CSCvk00711

Radius process shows high CPU utilization when ServerMonitor is enabled.

CSCvk25154

Reload failure with TCP and SCTP port and interface configuration.

CSCvk03099

Prime Access Registrar stops working while trying to reload after diameter connection establishment.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.3

Table 9 lists the anomalies fixed in Prime Access Registrar 7.3.0.3 release.

 

Table 9 Fixed Anomalies in Prime Access Registrar 7.3.0.3

Bug
Description

CSCvg37245

Prime Access Registrar restarts and generates core if Abort Session Answer (ASA) comes with Diameter-Unknown-Session-Id as Result-Code.

CSCvg48405

Prime Access Registrar generates core, if multiple Registration Termination Requests (RTRs) come for a user with minimal delay.

CSCvg64063

The original Diameter EAP Request (DER) packet is not getting rescheduled.m_bIsActive is FALSE during retrying packets.

CSCvh17779

When the registration failed with HSS, the session is not released properly.

Fixed Anomalies in Cisco Prime Access Registrar 7.3.0.2

Table 10 lists the anomalies fixed in Prime Access Registrar 7.3.0.2 release.

 

Table 10 Fixed Anomalies in Prime Access Registrar 7.3.0.2

Bug
Description

CSCvg34261

Prime Access Registrar generates core file during heavy traffic with Diameter Routing Agent (DRA) as remote server and client.

CSCvg66667

Memory leak due to an internal data structure, which is not releasing the memory.

Using the Bug Search Tool

Use the Bug Search tool (BST) to get the latest information about Cisco Prime Access Registrar bugs. BST allows partners and customers to search for software bugs based on product, release, and keyword, and it aggregates key data such as bug details, product, and version.

BST allows you to:

  • Quickly scan bug content
  • Configure e-mail notifications for updates on selected bugs
  • Start or join community discussions about bugs
  • Save your search criteria so you can use it later

When you open the Bug Search page, check the interactive tour to familiarize yourself with these and other Bug Search features.

Step 1blank.gif Log into the Bug Search Tool.

a.blank.gif Go to https://tools.cisco.com/bugsearch.

b.blank.gif At the Log In screen, enter your registered Cisco.com username and password; then, click Log In. The Bug Search page opens.

note.gif

Noteblank.gif If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do.

Step 2blank.gif To search for a specific bug, enter the bug ID in the Search For field and press Return.

Step 3blank.gif To search for bugs in a particular release:

a.blank.gif In the Search For field, enter the product name and the release version, e.g. Cisco Prime Access Registrar 7.3, and press Return. (Leave the other fields empty.)

b.blank.gif When the search results are displayed, use the filter and sort tools to find the types of bugs you are looking for. You can search for bugs by severity, by status, how recently they were modified, according to the number of support cases associated with them, and so forth.

 

Related Documentation

For a complete list of Cisco Prime Access Registrar 7.3 documentation, see the Cisco Prime Access Registrar 7.3 Documentation Overview.

note.gif

Noteblank.gif We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 2018 Cisco Systems, Inc. All rights reserved.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco